I was under the impression this is only specific to 8u151, however, make sure you have done the basic checks. (java -version returns the correct java version, and you are using a new terminal to start the server once java is updated.)
PS: I am using 1.8.0_131-b11 and not getting this issue. Thanks! On Thu, Nov 23, 2017 at 4:30 PM, Isuru Uyanage <isur...@wso2.com> wrote: > Hi All, > I downgraded Java to (build 1.8.0_144-b01) and restarted the APIM 2.1.0 > > But still, I'm getting the same error. Any thoughts about this. > > *Thanks and Best Regards,* > > *Isuru Uyanage* > *Software Engineer - QA | WSO2* > *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* > *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ > <https://www.linkedin.com/in/isuru-uyanage/>* > > > > > On Thu, Nov 23, 2017 at 1:22 PM, Isuru Uyanage <isur...@wso2.com> wrote: > >> Hi All, >> >> I tried updating Owasp.CsrfGuard.Carbon.properties file, which is in >> $APIM_HOME/repository/conf/security folder by adding the below entry. >> org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont >> ext%/carbon/admin/* >> >> I could log in to the Management console with admin credentials but once >> try to creating user/user roles, cannot proceed further and the same issue >> is repeating. I think the best option is to downgrade the java. >> >> Thanks, >> >> *Thanks and Best Regards,* >> >> *Isuru Uyanage* >> *Software Engineer - QA | WSO2* >> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >> <https://www.linkedin.com/in/isuru-uyanage/>* >> >> >> >> >> On Thu, Nov 23, 2017 at 4:54 AM, roshan wijesena <roshan86...@gmail.com> >> wrote: >> >>> Hi Rumy, >>> >>> is this mail public ?, [Important][Critical] None of WSO2 products are >>> working with latest JDK. >>> >>> I am also facing the same problem, however downgrade java is not a >>> option for me :( >>> >>> On Wed, Nov 22, 2017 at 11:09 PM, Mushthaq Rumy <musht...@wso2.com> >>> wrote: >>> >>>> Hi Isuru, >>>> >>>> Seems like the java version is causing this issue. This issue is there >>>> with java JDK 8u151. Please refer [1] for more details. >>>> >>>> [1] - [Important][Critical] None of WSO2 products are working with >>>> latest JDK [Was: GZIP decoding issue in APIM/EI when deployed in MC] >>>> >>>> Thanks & Regards, >>>> Mushthaq >>>> >>>> On Wed, Nov 22, 2017 at 3:35 PM, Irham Iqbal <iq...@wso2.com> wrote: >>>> >>>>> Hi Isuru, >>>>> >>>>> The reason might the java version you're using. >>>>> >>>>> You can update the Owasp.CsrfGuard.Carbon.properties file, which is >>>>> in $APIM_HOME/repository/conf/security folder with the bellowing >>>>> entry to ignore this error, IMO it's better if you use the proper java >>>>> version. >>>>> org.owasp.csrfguard.unprotected.mgtconsolelogin=%servletCont >>>>> ext%/carbon/admin/* >>>>> >>>>> Thanks, >>>>> Iqbal >>>>> >>>>> On Wed, Nov 22, 2017 at 3:08 PM, Isuru Uyanage <isur...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> I'm using wum updated pack (wso2am-2.1.0.1511201090302) for API >>>>>> Manager. After APIM server is started with the fresh pack, I can navigate >>>>>> to Management Console. But once I'm trying to log in with admin >>>>>> credentials, I cannot log in. The error is as below. >>>>>> >>>>>> Error: 403 Forbidden >>>>>> JavaLogger potential cross-site request forgery (CSRF) attack >>>>>> thwarted (user:<anonymous>, ip:10.100.5.136, method:POST, >>>>>> uri:/carbon/admin/login_action.jsp, error:required token is missing >>>>>> from the request) >>>>>> >>>>>> Affected Product Version: >>>>>> wum updated pack: wso2am-2.1.0.1511201090302.zip >>>>>> >>>>>> Environment details and versions: >>>>>> >>>>>> macOS High Sierra >>>>>> Version 10.13.1 >>>>>> Google Chrome: Version 62.0.3202.94 (Official Build) (64-bit) >>>>>> Firefox: 57.0 >>>>>> >>>>>> Any thoughts about this are highly appreciated. >>>>>> >>>>>> >>>>>> *Thanks and Best Regards,* >>>>>> >>>>>> *Isuru Uyanage* >>>>>> *Software Engineer - QA | WSO2* >>>>>> *Mobile : **+94 77 <+94%2077%20767%201807> 55 30752* >>>>>> *LinkedIn: **https://www.linkedin.com/in/isuru-uyanage/ >>>>>> <https://www.linkedin.com/in/isuru-uyanage/>* >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Irham Iqbal >>>>> Software Engineer >>>>> WSO2 >>>>> phone: +94 777888452 >>>>> <http://wso2.com/signature> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Mushthaq Rumy >>>> *Software Engineer* >>>> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194> >>>> Email : musht...@wso2.com >>>> WSO2, Inc.; http://wso2.com/ >>>> lean . enterprise . middleware. >>>> >>>> <http://wso2.com/signature> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Malintha Amarasinghe *WSO2, Inc. - lean | enterprise | middleware* http://wso2.com/ Mobile : +94 712383306
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev